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IN THE CLAIMS 

Please amend the claims as follows: 

Claim 1 (Canceled). 

Claim 2 (Previously Presented): The system of claim 6, wherein the communications 
engine uses SSL to create a secure communications link with the client. 

Claim 3 (Previously Presented): The system of claim 6, wherein the communications 
engine negotiates an encryption protocol for transferring messages to and from the client. 

Claim 4 (Previously Presented): The system of claim 6, wherein the communications 
engine uses public key certificates for transferring messages to and from the client. 

Claim 5 (Previously Presented): The system of claim 6, wherein the security services 
use public key certificates to authenticate a user of the client to determine the user privileges. 

Claim 6 (Currently Amended): A system on a server computer system, comprising: 
a communications engine for e stablishing configured to establish a communications 
link with a client; 

a security services engine coupled to the communications engine for presenting 
configured to present to a us e r of the client a plurality of user authentication protocol options, 
each user authentication protocol option having a particular level of authentication associated 
with it , for auth e nticating to authenticate the a user according to at least one user 
authentication protocol and for d e t e rmining to determine user privileges based on the identity 
of the user and the level of authentication; 
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a web server engine for pr e s e nting configured to present a set of available services 
based on the user privileges, at least one of the available services requiring additional 
authentication information to be provided before access to the service is granted , and for 
e nabling to enable the client to select a particular service from the set of available services; 

a host engine coupled to the security services engine and to the web server far 
providing configured to provide to the client executable service communication code that 
enables communication with the particular service; and 

a keysafe for storing k e ys configured to store kevs , each key for enabling 
communication between the client and a r e sp e ctiv e service selected from the set of available 
services and including all additional authentication information required by the r e sp e ctiv e 
selected service for authenticating the user to the r e sp e ctiv e selected service, the executable 
service communication code functioning to retrieve a kev corresponding to the particular 
service selected from the keysafe upon execution of the code th e reby e nabling th e cli e nt to 
QOOOGG the availabl e s e rvic e s without storing th e s e rvic e communication cod e and k e ys at the 
client or having to carry or rememb e r them . 

Claim 7 (Canceled). 

Claim 8 (Previously Presented): The system of claim 6, wherein the security services 
use a digital signature to authenticate the user to determine the user privileges. 

Claim 9 (Previously Presented): The system of claim 6, wherein the host engine 
forwards to the client security code for enabling the client to perform a security protocol 
recognized by the security services. 
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Claim 10 (Previously Presented): The system of claim 6, wherein one of the available 

services is secured by a firewall and one of the keys includes the additional authentication 

information to enable communication through the firewall. 

Claim 1 1 (Previously Presented): The system of claim 6, further comprising a 
firewall for protecting the system. 

Claim 12 (Previously Presented): The system of claim 6, wherein one of the keys 
includes an address identifying the location of the selected service. 

Claim 13 (Previously Presented): The system of claim 6, wherein the code uses a key 
to provide to the client a direct connection with the selected service. 

Claim 14 (Previously Presented): The system of claim 6, further comprising a proxy 
for communicating with the selected service, and wherein the code enables the client to 
communicate with the proxy and one of the keys enables the proxy to locate the selected 
service. 

Claim 15 (Canceled). 

Claim 16 (Previously Presented): The method of claim 20, wherein establishing a 
communications link includes the step of using SSL to create a secure communications link 
with the client. 
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Claim 17 (Previously Presented): The method of claim 20, wherein establishing a 

communications link includes the step of negotiating an encryption protocol for transferring 

messages to and from the client. 

Claim 18 (Previously Presented): The method of claim 20, wherein establishing a 
communications link includes the step of using public key certificates for transferring 
messages to and from the client. 

Claim 19 (Previously Presented): The method of claim 20, wherein determining user 
privileges includes the step of using public key certificates to authenticate a user of the client. 

Claim 20 (Currently Amended): A computer bas e d method comprising: 
establishing a communications link with a client; 

presenting to a user of the client a plurality of user authentication protocol options, 
each user authentication protocol option having a particular level of authentication associated 
with it; 

authenticating the user according to at least one user authentication protocol option; 
determining user privileges based on the identity of a user and the level of 
authentication; 

presenting a set of available services based on the user privileges, at least one of the 
available services requiring additional authentication information to be provided before 
access to the service is granted; 

enabling the client to select a particular service from a set of available services; 

providing to the client executable service communication code that enables 
communication with the particular service; and 
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retrieving a key from a set of keys, each key corresponding to a respective service 

from the set of available services, the retrieved key for enabling communication between the 

client and the particular service selected and including all additional authentication 

information required by the r e sp e ctive selected service for authenticating the user to the 

r e sp e ctiv e selected service, the executable service communication code functioning to 

retrieve a kev corresponding to the particular service selected from the keysafe upon 

execution of the code th e r e by e nabling th e cli e nt to acc es s th e availabl e s e rvic e s without 

storing th e s e rvic e communication cod e and k e ys at th e cli e nt or having to carry or r e member 

lilUlil. 

Claim 21 (Canceled). 

Claim 22 (Previously Presented): The method of claim 20, wherein determining user 
privileges includes th e st e p of using a digital signature to authenticate the user. 

Claim 23 (Previously Presented): The method of claim 20, wherein establishing a 
communications link includes forwarding to the client security code for enabling the client to 
perform a recognized security protocol. 

Claim 24 (Previously Presented): The method of claim 20, further comprising: 
th e st e p of using one of the keys to communicate through a firewall to the selected 

service. 
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Claim 25 (Previously Presented): The method of claim 20, wherein the method is 

performed by a server and further compriGing using employing a firewall to protect the 

server. 

Claim 26 (Previously Presented): The method of claim 20, wherein one of the keys 
includes an address identifying the location of the selected service. 

Claim 27 (Previously Presented): The method of claim 20, wherein providing 
includes the step of providing to the client a direct connection with the service. 

Claim 28 (Previously Presented): The method of claim 20, further comprising; 
using a proxy to communicate with the service, and wherein providing includes 
enabling the client to communicate with the proxy. 

Claim 29 (Currently Amended): A system on a server computer system, comprising: 
means for establishing a communications link with a client; 

means for presenting to a us e r of the client a plurality of user authentication protocol 
options, each user authentication protocol option having a particular level of authentication; 

means for authenticating the-a user according to at least one user authentication 
protocol; 

means for determining user privileges based on the identity of a-the user and the level 
of authentication; 

means for presenting a set of available services based on the user privileges, at least 
en -one of the available services requiring additional authentication information to be 
provided before granting access to the service; 
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means for enabling the client to select a particular service from a set of available 

services; 

means for providing to the client executable service communication code that enables 
communication with the particular service; and 

means for retrieving a key from a set of keys, each key corresponding to a respective 
service from the set of available services, the retrieved key for enabling communication 
between the client and the particular service selected and including all additional 
authentication information required by the r e sp e ctiv e selected service for authenticating the 
user to the r e sp e ctiv e selected service, the executable service communication code 
functioning to retrieve a key corresponding to the particular service selected from the keysafe 
upon execution of the code th e r e bv e nabling th e cli e nt to access the available servic e s without 
storing th e servic e communication cod e and k e ys at th e cli e nt . 



Claims 30-39 (Canceled) 
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